Now Reading
MSI’s (in)Safe Boot – Dawid Potocki

MSI’s (in)Safe Boot – Dawid Potocki

2023-01-15 05:07:12

I suppose I’ve discovered a motive to jot down my first weblog publish.

Earlier than we begin, perhaps I’ll shortly clarify what Safe Boot is. It’s
a safety function, which permits our laptop to say no booting
working programs that haven’t been signed by a key that the firmware
trusts.

On 2022-12-11, I made a decision to setup Safe Boot on my new desktop with a
assist of sbctl. Sadly I’ve
discovered that my firmware was… accepting each OS picture I gave it, no
matter if it was trusted or not. It wasn’t the primary time that I’ve
been self-signing Safe Boot, I wasn’t doing it incorrect.

As I’ve later found on 2022-12-16, it wasn’t simply damaged
firmware, MSI had modified their Safe Boot defaults to permit booting on
safety violations(!!).

This may be modified by going to the place the place the settings are for
Safe Boot in your motherboard. In my case it is in SecuritySecure Boot. From this place, we will see a menu referred to as “Picture Execution
Coverage”, which is the wrongdoer.

Firmware Screenshot 0

Once we enter the menu, we will see the disappointing default settings.
It is doing no verification. It is ineffective. It is simply there to fulfill
Home windows 11 necessities. OS has no concept that Safe Boot is doing
nothing, it simply is aware of that it is “enabled”.

Firmware Screenshot 1

To vary the settings to one thing saner, we’ve got to alter “All the time
Execute” to “Deny Execute” for “Detachable Media” and “Fastened Media”.
What’s humorous is that “Permit Execute” and “Question Person” choices
are breaking UEFI specification,
although I am probably not positive what is the distinction between “Permit Execute”
and “All the time Execute”.

We are able to additionally change “Possibility ROM”, about which you’ll learn extra about
right here:

Firmware Screenshot 2

Case closed, everybody can transfer on, proper?

Properly, probably not. I wanted to determine if that is solely affecting my
motherboard or additionally different fashions and perhaps even different distributors. And in addition
we have to doc this, as a result of even when I do know this, there’s in all probability
lots of people that aren’t aware of this challenge.

I had requested 2 customers of B450 TOMAHAWK MAX (thanks Sage Hane and Daniel
Nathan Grey) to test their firmware and what? Unsurprisingly, it is also
there. We had been capable of decide that model 7C02v3C from 2022-01-18
launched this challenge.

Is it talked about within the changelog? Hah, nope.

Firmware Screenshot 3

I’ve additionally acquired data from a person of B550-A PRO (CEC) (thanks
Joseph Richey) that they’ve this challenge from 7C56vH1 (2021-12-20)
onwards.

Whereas I used to be capable of extrapolate this data to guess which variations
for different boards have launched this challenge, that is not actually sufficient.
We have to go deeper.

I’ve tried extracting some data from MSI’s binary firmware
information, however to no avail. I attempted utilizing binwalk, UEFITool and others, however
I did not actually discover what I needed. Till at some point I’ve discovered that
UEFI has a factor referred to as “UEFI Inside Type Illustration” or in brief
“IFR”. It is a strategy to describe firmware configuration choices. That is
precisely what I have to search for! Now, what do I do with this data?

As soon as we extract information from the firmware utilizing UEFIExtract from
UEFITool mission, we will discover a
file referred to as
Section_PE32_image_899407D7-99FE-43D8-9A21-79EC328CAC21_Setup_body.bin.
It accommodates most of UEFI GUI stuff and appears to be accessible on all
firmware from all main desktop motherboard makers, although ASUS determined
to take away “Setup” from the identify for some motive or perhaps it has to do
one thing to do with the UEFIExtract, unsure.

Now as soon as we’ve got this file, we’ve got to extract IFR information from it, to do
it we will use IFRExtractor RS.
Funnily sufficient, it is made by the identical individuals as UEFITool. Thanks guys
on your arduous work, in any other case I must do it myself ;p.

Now with IFR extracted, we’ve got what we needed. We are able to see all of the
UEFI settings accessible, together with “Picture Execution Coverage”.

Type FormId: 0x2A79, Title: "Picture Execution Coverage"
	Textual content Immediate: "Inside FV", Assist: "", Textual content: "All the time Execute"
	OneOf Immediate: "Possibility ROM", Assist: "Picture Execution Coverage on Safety Violation per Gadget Path", QuestionFlags: 0x10, QuestionId: 0x1116, VarStoreId: 0x28, VarOffset: 0x4, Flags: 0x10, Dimension: 8, Min: 0x0, Max: 0x5, Step: 0x0
		Default DefaultId: 0x0 Worth: 0
		OneOfOption Possibility: "All the time Execute" Worth: 0
		OneOfOption Possibility: "All the time Deny" Worth: 1
		OneOfOption Possibility: "Permit Execute" Worth: 2
		OneOfOption Possibility: "Defer Execute" Worth: 3
		OneOfOption Possibility: "Deny Execute" Worth: 4
		OneOfOption Possibility: "Question Person" Worth: 5
	Finish
	OneOf Immediate: "Detachable Media", Assist: "Picture Execution Coverage on Safety Violation per Gadget Path", QuestionFlags: 0x10, QuestionId: 0x1117, VarStoreId: 0x28, VarOffset: 0x5, Flags: 0x10, Dimension: 8, Min: 0x0, Max: 0x5, Step: 0x0
		Default DefaultId: 0x0 Worth: 0
		OneOfOption Possibility: "All the time Execute" Worth: 0
		OneOfOption Possibility: "All the time Deny" Worth: 1
		OneOfOption Possibility: "Permit Execute" Worth: 2
		OneOfOption Possibility: "Defer Execute" Worth: 3
		OneOfOption Possibility: "Deny Execute" Worth: 4
		OneOfOption Possibility: "Question Person" Worth: 5
	Finish
	OneOf Immediate: "Fastened Media", Assist: "Picture Execution Coverage on Safety Violation per Gadget Path", QuestionFlags: 0x10, QuestionId: 0x1118, VarStoreId: 0x28, VarOffset: 0x6, Flags: 0x10, Dimension: 8, Min: 0x0, Max: 0x5, Step: 0x0
		Default DefaultId: 0x0 Worth: 0
		OneOfOption Possibility: "All the time Execute" Worth: 0
		OneOfOption Possibility: "All the time Deny" Worth: 1
		OneOfOption Possibility: "Permit Execute" Worth: 2
		OneOfOption Possibility: "Defer Execute" Worth: 3
		OneOfOption Possibility: "Deny Execute" Worth: 4
		OneOfOption Possibility: "Question Person" Worth: 5
	Finish
Finish

I’ve checked if different distributors (ASRock, ASUS, Biostar, EVGA, Gigabyte
and NZXT) have the identical factor and I wasn’t capable of finding something like
that of their IFR. Additionally MSI’s laptops will not be affected by this challenge.
I am gonna assume that they figured that Microsoft would not approve it
and/or that they’d much less tickets from individuals about Safe Boot associated
points for his or her laptops.

Now, doing this manually can be kinda annoying, so I made a small
little shell script which checks if “Picture Execution Coverage” menu is
accessible and if any of the three choices are set to “All the time Execute”.

#!/bin/sh

if [ ! -d "$1" ]; then
	[ ! -f "$1.zip" ] && curl "https://obtain.msi.com/bos_exe/mb/$1.zip" -O -#
	bsdtar xf "$1.zip"
fi

cd "$1" || exit
UEFIExtract ./*MS.* unpack 1>/dev/null
ifrextractor ./*.dump/Section_PE32_image_899407D7-99FE-43D8-9A21-79EC328CAC21_Setup_body.bin 1>/dev/null
output="$(grep -A1 -E 'OneOf Immediate: "(Possibility ROM|Detachable Media|Fastened Media)", Assist: "Picture Execution Coverage' ./*.dump/Section_PE32_image_899407D7-99FE-43D8-9A21-79EC328CAC21_Setup_body.bin.*ifr.txt)"
clear

if echo "$output" | grep -q "DefaultId: 0x0"; then
	printf "33[1;31mpercents: Dangerous33[0mn" "$1"
else
	printf "33[1;32mpercents: Good33[0mn" "$1"
fi

Now that is the place the enjoyable half ends. Now I needed to test firmware for
MSI’s considerably latest boards.

Whereas we will get a lot of the firmware simply by going to motherboard’s
help web page, MSI often solely lists secure firmware and the most recent
beta. The issue is that I would like to determine the earliest affected
model of the firmware for every board, which implies that I’ve to guess
what the betas had been referred to as (in the event that they even existed). A minimum of MSI would not
take away most of its beta firmware from their servers, so they’re nonetheless
accessible if you already know the hyperlink.

See Also

For some AMD boards, I’ve discovered a listing of beta firmware on some German
discussion board. Fortunately, I did not need to learn any German, as a result of opposite to
the favored perception, I do not know German or Russian, I am Polish.

This… took eternally. I checked each motherboard for:

  • AMD: TRX40, X670, X570, X470, X370, B650, B550, B450, B350, A520, A320
  • Intel: X399, X299, Z790, Z690, Z590, Z490, Z390, Z370, B760, B660, B560, B460, B360, H670, H510, H410, H370, H310

It is… loads of motherboards. For a full record of affected motherboards
and their firmware variations, go to
sbctl#181.

And now it is time for some “enjoyable” statistic:

# The quantity of occasions I ran the script
$ historical past 0 | grep "  msi " | wc -l
1989

In accordance with Wikipedia in 1989:

The primary business Web service suppliers surfaced on this 12 months,
in addition to the primary written proposal for the World Huge Internet and New
Zealand, Japan and Australia’s first Web connections.

Properly, that was a mistake.

You may ask me, why did not I automate it? The reason being… properly… a few of
it isn’t very easy to as some beta names have arbitrary suffixes
which was sooner for me to guess than having a script bruteforce its manner
in. Additionally some boards weren’t listed on their motherboard record web page.

Now, after doing all of the work for MSI, I believe I ought to invoice them, that
or they need to give me a lifetime provide of their motherboards.

If you’re curious, sure, I’ve tried contacting MSI about this challenge,
however they ignored my emails and different types of communication I’ve
tried.

Conclusion

Do not belief that no matter security measures you enabled are working,
TEST THEM! Someway I used to be the primary individual to doc this, despite the fact that
it has been first launched someplace in 2021 Q3.

Quiz time!

What is the distinction between these 3 boards:

Heatsink and PCB colors! They’re the identical board and share the identical
firmware! However hey, the purple and white one is just for players however black is
solely appropriate for “professionals”.

Source Link

What's Your Reaction?
Excited
0
Happy
0
In Love
0
Not Sure
0
Silly
0
View Comments (0)

Leave a Reply

Your email address will not be published.

2022 Blinking Robots.
WordPress by Doejo

Scroll To Top